Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/LXthtgXDL1N6EBr48JXXI3bb2L8.roa
File: LXthtgXDL1N6EBr48JXXI3bb2L8.roa (raw, json)
Hash identifier: Te/bLVJdVfO+RUqlNO0A1h+deEf6H7HO0ZYLXrJLsd8=
Subject key identifier: 2D:7B:61:B6:05:C3:2F:53:7A:10:1A:F8:F0:95:D7:23:76:DB:D8:BF
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0187FED119F8DB5CA687E9EDF996C62F9872
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/LXthtgXDL1N6EBr48JXXI3bb2L8.roa
Signing time: Tue 09 May 2023 04:42:09 +0000
ROA not before: Tue 09 May 2023 04:42:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.72.112.0/24 maxlen: 24
109.72.114.0/24 maxlen: 24
109.72.115.0/24 maxlen: 24
109.72.116.0/24 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.118.0/24 maxlen: 24
109.72.119.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 10 May 2023 16:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fe:d1:19:f8:db:5c:a6:87:e9:ed:f9:96:c6:2f:98:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 9 04:42:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d7b61b605c32f537a101af8f095d72376dbd8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ea:1e:ca:ac:0e:df:e0:1a:f3:9e:9d:21:e1:
c2:b4:69:e3:b2:fe:11:81:06:91:cc:c4:3e:4a:21:
2c:e9:17:5d:ff:95:47:f5:3e:75:8c:67:88:43:5b:
53:82:a1:1d:8b:bd:e8:2b:e9:8a:b4:ec:94:2c:ab:
bc:5f:37:55:32:40:93:8e:72:a9:6a:8b:fe:96:d9:
8f:54:b4:93:2d:c5:56:a7:19:87:a7:55:ba:05:f5:
e3:a7:76:13:4a:49:a0:fa:96:05:b9:48:7b:da:78:
fe:9a:ac:52:ee:aa:3f:b2:4d:1c:25:66:4f:78:c4:
3e:1e:f6:85:ea:b6:34:bd:88:4f:2f:29:22:88:67:
a8:f6:b4:59:13:6a:ca:9b:26:a8:c7:93:6f:37:9c:
b9:20:b7:08:47:f1:94:34:d8:6f:22:b3:3e:b5:d0:
a1:12:03:10:eb:f6:ae:0a:1a:e6:d5:cb:4b:ba:22:
e3:46:79:53:45:bf:e3:52:0f:06:c4:ae:88:f7:c5:
7c:d7:55:d0:18:9d:ad:41:c8:69:37:ae:48:ac:99:
fa:0b:6e:59:d5:0b:a8:ee:53:2a:e0:a0:af:43:af:
3c:f6:7a:1a:ad:91:ea:d5:12:c4:98:88:d5:38:42:
2e:6f:fd:92:eb:8b:31:09:4f:b1:7f:f2:ee:25:a3:
93:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:61:B6:05:C3:2F:53:7A:10:1A:F8:F0:95:D7:23:76:DB:D8:BF
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/LXthtgXDL1N6EBr48JXXI3bb2L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
109.72.112.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:fb:bf:37:f0:fe:3f:7e:ba:94:12:37:db:2b:af:7c:13:48:
ae:5d:c7:43:ab:d2:35:a4:cd:98:ee:b8:35:0d:c4:0b:16:a8:
35:a5:24:55:71:20:3d:9c:48:99:0e:3d:d8:d6:e7:16:fe:d9:
59:9b:1f:a4:8e:7d:d4:a7:a2:d1:45:b5:d2:3d:50:6a:cc:3f:
51:17:ac:cd:02:36:59:6a:f4:37:25:1c:92:21:76:86:16:5d:
8d:9a:cb:78:e0:e7:0f:87:1e:83:a9:a1:8c:4f:dc:da:d4:8c:
88:4e:4e:82:42:fc:08:53:91:8f:85:28:39:df:dd:b6:a1:d3:
59:44:05:32:b2:ef:7c:71:e4:f0:61:67:65:c2:55:32:f2:cd:
eb:6f:2b:ed:7b:a1:6b:ff:e0:c8:46:e9:86:ac:00:3b:9e:22:
64:68:4e:7a:33:aa:73:ad:06:5e:ce:0d:e1:a4:db:9e:0c:58:
00:9a:b7:ef:a6:19:9c:9e:ad:a8:82:76:cb:a3:06:d7:18:bf:
31:54:3c:f7:8e:44:2b:26:70:e0:2b:48:15:a5:e9:79:cd:83:
af:c8:ec:15:05:ad:ba:26:b2:4b:d8:fe:ad:94:2e:54:54:ea:
b2:1c:0a:c4:6d:d7:6b:de:d7:17:b1:ed:a7:6e:0e:d5:20:97:
62:bd:2d:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYf+0Rn421ymh+nt+ZbGL5hyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwNTA5MDQ0MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdiNjFiNjA1YzMyZjUzN2ExMDFhZjhmMDk1ZDcyMzc2ZGJkOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OoeyqwO3+Aa856dIeHCtGnjsv4R
gQaRzMQ+SiEs6Rdd/5VH9T51jGeIQ1tTgqEdi73oK+mKtOyULKu8XzdVMkCTjnKp
aov+ltmPVLSTLcVWpxmHp1W6BfXjp3YTSkmg+pYFuUh72nj+mqxS7qo/sk0cJWZP
eMQ+HvaF6rY0vYhPLykiiGeo9rRZE2rKmyaox5NvN5y5ILcIR/GUNNhvIrM+tdCh
EgMQ6/auChrm1ctLuiLjRnlTRb/jUg8GxK6I98V811XQGJ2tQchpN65IrJn6C25Z
1Quo7lMq4KCvQ6889noarZHq1RLEmIjVOEIub/2S64sxCU+xf/LuJaOTtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC17YbYFwy9TehAa+PCV1yN229i/MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTFh0aHRnWERMMU42RUJyNDhKWFhJM2JiMkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkAAwQD
bUhwMA0GCSqGSIb3DQEBCwUAA4IBAQBf+7838P4/frqUEjfbK698E0iuXcdDq9I1
pM2Y7rg1DcQLFqg1pSRVcSA9nEiZDj3Y1ucW/tlZmx+kjn3Up6LRRbXSPVBqzD9R
F6zNAjZZavQ3JRySIXaGFl2Nmst44OcPhx6DqaGMT9za1IyITk6CQvwIU5GPhSg5
3922odNZRAUysu98ceTwYWdlwlUy8s3rbyvte6Fr/+DIRumGrAA7niJkaE56M6pz
rQZezg3hpNueDFgAmrfvphmcnq2ognbLowbXGL8xVDz3jkQrJnDgK0gVpel5zYOv
yOwVBa26JrJL2P6tlC5UVOqyHArEbddr3tcXse2nbg7VIJdivS0M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org